Print 58 comment(s) - last by wallijonn.. on Jan 30 at 5:15 PM

Lord of War gets defeated by high-definition hackers
The hacker who cracked HD DVD strikes again by defeating Blu-ray Disc encryption

Late last year, a crafty individual who goes by the name “Muslix64” circumvented the copy protection scheme used to protect HD DVD. Given the similarities between the copy protection methods used in the high-definition optical formats, it was only a matter of time before Blu-ray Disc’s protections would be bypassed. However, Muslix64 has no access to Blu-ray hardware, limiting his exploit methods to HD DVD. That is, until Muslix64 came across some specific data for Blu-ray Disc, allowing him to apply his methods to the yet-uncracked format.

Another individual interested in Blu-ray’s protection scheme, “Janvitos,” who also participates in the same online forum where Muslix64 revealed his HD DVD work, posted a message showing the directory structure from a Lord of War Blu-ray Disc movie. Janvitos extracted the information by going through his system’s memory with WinHEX after playing the movie on his computer using WinDVD.

The memory dump information caught the attention of Muslix64, who replied to the thread saying, “In less [than] 24 hours, without any Blu-Ray equipment, but with the help of Janvitos, I managed to decrypt and play a Blu-Ray media file using my known-plaintext attack.” Muslix64 then posted a file as an example of his decryption work, though he did say that his method does not address BD+.

Muslix64 then went on to explain how he was able to accomplish this feat with his plaintext attack method. “This is a very basic, but [powerful] crypto attack that I have used to decrypt both [HD DVD and Blu-ray] formats,” he wrote. “After reading posts of people trying to get the keys in memory, I realized, I have a different way of looking into the problem…A lot of people try to attack the software, I'm attacking the data!”

“So I spent more time analysing the data, to look for patterns or something special to mount my known-plaintext attack,” Muslix64 explains. “Because I know the keys are unprotected in memory, I can skip all the [painful] process of code reversal.”

Although Muslix64 did not have any Blu-ray equipment at his disposal, he was still able to recover the keys with the help of Janvitos’ memory dump file and media file. Blu-ray media files are divided into individual aligned units. The first 16 bytes of each unit are not encrypted, with the rest being encrypted using AES in CBC mode. Muslix64 examined the non-encrypted portions of the data and found a reoccurring pattern, which he used to mount his known-plaintext attack.

Muslix64 goes on: “In most cases, the know-plaintext attack is in fact a guessed-plaintext attack. We ‘assume’ the data will look like something we ‘guessed’ when decrypted. Most of the time, it works! Knowing that, all you have to do, is to write a small program that scan a memory dump file, that comes from of a software player while it was playing the movie. The key is in that file, you have to locate it.”

Once the value and position of the key is in memory, all one has to do is to use a memory landmarking function to locate the key and defeat the encryption. The method discovered by Muslix64 and Janvitos is specific to Blu-ray, though similar means were used to decrypt HD DVD. This hack was made possible by the fact that the keys were not protected in memory when running video-playing software on the PC.

Even without any Blu-ray hardware at his disposal, Muslix64 shortly followed his findings reveal with the alpha release of BackupBluRay V.0.21, software he wrote to decrypt Blu-ray Discs. Limitations to his software at this time are that it doesn’t support BD+ or volume unique keys and that it only supports one CPS key per disc. Users wishing to utilize the software will also have to provide their own CPS unit key.

Those who have tried the software report that they have successfully been able to decrypt and copy their own Blu-ray Discs for playback on both PC software and set-top players. If the cracking of HD DVD and the release of pirated files is of any indication, however, Blu-ray may soon see illegal copies hitting the black market and parts of the Internet.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

Huge downloads...
By Micronite on 1/23/2007 9:17:07 PM , Rating: 2
At least for now, I don't see what movie studios are so afraid of. Most people don't have the patience to download a 20+Gig movie file.

You can't really compress it much more since they're already encoded using a variation of MPEG4. And if you reduce the resolution then you've defeated the purpose of HD anyway.

I guess their real concern is that now you'll be able to buy all kinds of HD and BD releases in China on the cheap.

I still wish they wouldn't have spent so much money on trying to keep the data safe (which apparently they didn't). They obviously passed along some of that cost to the consumer and made it even harder for us to adopt a new format.

RE: Huge downloads...
By robber98 on 1/23/2007 9:31:46 PM , Rating: 3
Maybe not in the US... But countries in Asia got insane amount of bandwidth for really low price (E.g. 100Mbps for US$50).

RE: Huge downloads...
By knitecrow on 1/23/2007 9:35:32 PM , Rating: 4
20-50GB only if you are looking at an MPEG2 stream. I am sure you can get the file down to 5-7GB range with the right compress format and tools. On Xbox Live, 720P movie downloads are in the ~5GB range.

RE: Huge downloads...
By daftrok on 1/24/2007 1:39:08 AM , Rating: 2
That's pretty damn good. So I guess the 1080p quality should be around 10GB. But did the movie you rent for 6 bucks (rip off!) have cool menu navigation or special features or anything like that? And seriously, the movie rental should be a pay as you go but for like 2-3 bucks so it can compete. I mean, 6 bucks? At that rate I'd rather get the 9.99 month plan Netflix and Blockbuster has and be able to rent a hellova lot more movies.

RE: Huge downloads...
By wallijonn on 1/30/2007 5:15:58 PM , Rating: 2
"But did the movie you rent for 6 bucks (rip off!) have cool menu navigation or special features or anything like that? "

Cool stuff? Like 20 minutes of trailers on a Disney Movie?

RE: Huge downloads...
By Lonyo on 1/23/2007 9:35:40 PM , Rating: 2
You can still re-encode to smaller file sizes (with a slight loss in quality and loss of features) and end up with a better video than DVD, while keeping the file size reasonable.

RE: Huge downloads...
By PrinceGaz on 1/24/2007 3:50:27 AM , Rating: 3
The last I checked, I could download 25GB from my ISP's news-server in under a day using my basic 4mbps connection, and if I upgraded to 10mbps I could get the same amount of data in under eight hours-- in other words I could set it away before going to bed and it would be finished by the time I'm awake and ready to watch it.

That's just with current broadband speeds. They're continuing to rise steadily so in a couple of years when HD-DVD and Blu-Ray burners are commonplace (assuming both formats survive), downloading 25-30GB will be as trivial as downloading an 8GB DVD movie today is.

RE: Huge downloads...
By wallijonn on 1/30/2007 5:14:00 PM , Rating: 2
And perhaps that is very reason why the American Internet seems to have been diliberately "held back," why some European nations seem to have higher transfer rates. If that is the case, then DRM must be put in place before the Internet can have the ability to transfer 20GB data streams.

"When an individual makes a copy of a song for himself, I suppose we can say he stole a song." -- Sony BMG attorney Jennifer Pariser
Related Articles
First Pirated HD DVDs Released
January 17, 2007, 4:30 PM
Hackers Claim HD DVD Encryption Circumvented
December 28, 2006, 12:24 PM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki